203 lines
6.1 KiB
PHP
203 lines
6.1 KiB
PHP
<?php
|
|
|
|
//use PhangoApp\PhaView\View;
|
|
use PhangoApp\WPDO\WPDO;
|
|
use PhangoApp\PhaRouter\Url;
|
|
//use PhangoApp\PhaModels\Webmodel;
|
|
|
|
//include('./modules/admin/libraries/login.php');
|
|
|
|
include('modules/admin/libraries/tplcontroller.php');
|
|
|
|
class AppController extends TplController{
|
|
|
|
public function app($op='') {
|
|
|
|
switch($op) {
|
|
|
|
default:
|
|
|
|
if($this->check_login()) {
|
|
|
|
//Default admin page.
|
|
|
|
}
|
|
else {
|
|
|
|
header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', ['login']));
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 'login':
|
|
|
|
$this->db->connect();
|
|
|
|
$c_user=$this->db->select_count('', []);
|
|
|
|
if(!$c_user) {
|
|
|
|
header('Location: '.Url::make_url('admin', 'app', ['signup']));
|
|
|
|
}
|
|
|
|
//print_r($this->db->table);
|
|
|
|
|
|
|
|
/*$conn=MySQL::get_pdo_connection();
|
|
|
|
$sth=$conn->query('SELECT count(*) as num_items from useradmin');
|
|
|
|
$count=$sth->fetch()[0];
|
|
|
|
if($count==0) {
|
|
|
|
header('Location: '.PhangoApp\PhaRouter\Url::make_url('admin', 'app', ['signup']));
|
|
|
|
}
|
|
|
|
echo View::load_view(['login' => 1], 'login');*/
|
|
|
|
break;
|
|
|
|
case 'signup':
|
|
|
|
|
|
|
|
break;
|
|
|
|
case 'login_check':
|
|
|
|
/*$conn=MySQL::get_pdo_connection();
|
|
|
|
$data=['error' => 1];
|
|
|
|
$username=$_POST['username'];
|
|
|
|
$password=$_POST['password'];
|
|
|
|
$sth=$conn->prepare('SELECT id, password from useradmin where username=?');
|
|
|
|
$sth->execute([$username]);
|
|
|
|
$rows=$sth->fetchAll();
|
|
|
|
if(count($rows)>0) {
|
|
|
|
$password_hash=$rows[0]['password'];
|
|
|
|
if(password_verify($password, $password_hash)) {
|
|
|
|
$data['error']=0;
|
|
|
|
$_SESSION['phango_login']=1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
|
|
return json_encode($data);
|
|
|
|
break;
|
|
|
|
case 'register':
|
|
|
|
$conn=MySQL::get_pdo_connection();
|
|
|
|
$sth=$conn->query('SELECT count(*) as num_items from useradmin');
|
|
|
|
$count=$sth->fetch()[0];
|
|
|
|
if($count==0) {
|
|
|
|
echo View::load_view(['login' => 0], 'login');
|
|
|
|
}
|
|
|
|
break;
|
|
|
|
case 'signup_check':
|
|
|
|
$data=['error' => 0];
|
|
|
|
$arr_data=['username', 'email', 'password', 'repeat_password'];
|
|
|
|
foreach($arr_data as $v) {
|
|
|
|
settype($_POST[$v], 'string');
|
|
|
|
}
|
|
|
|
//$username=$_POST['username'];
|
|
//^[A-Za-z0-9_-]+$
|
|
|
|
$username=trim($_POST['username']);
|
|
|
|
if(!preg_match('/^[A-Za-z0-9_-]+$/', $username)) {
|
|
|
|
$data['error']=1;
|
|
$data['username']=_("Error: empty value");
|
|
|
|
}
|
|
|
|
$email=filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
|
|
|
|
if(!$email) {
|
|
|
|
$data['error']=1;
|
|
$data['email']=_("Error: email is not valid");
|
|
|
|
|
|
}
|
|
|
|
$password=trim($_POST['password']);
|
|
$repeat_password=trim($_POST['repeat_password']);
|
|
|
|
if($password=='') {
|
|
|
|
$data['error']=1;
|
|
$data['password']=_("Error: password empty");
|
|
|
|
}
|
|
else {
|
|
|
|
if($password!=$repeat_password) {
|
|
|
|
$data['error']=1;
|
|
$data['password']=_("Error: password not equal");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if($data['error']==0) {
|
|
|
|
$password=password_hash($password, PASSWORD_DEFAULT);
|
|
|
|
$conn=MySQL::get_pdo_connection();
|
|
|
|
if(!$conn->prepare('INSERT into useradmin (`username`, `password`, `email`) VALUES (?, ?, ?)')->execute([$username, $password, $email])) {
|
|
|
|
$data['error']=1;
|
|
$data['username']=_("Error: cannot insert the new user in database, check your database connection");
|
|
|
|
}
|
|
|
|
//$sth->execute([$username, $password, $email]);
|
|
|
|
}
|
|
|
|
header('Content-Type: application/json; charset=utf-8');
|
|
|
|
return json_encode($data);*/
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
}
|